Whitelisting “Unsecure” Websites in Recent Versions of Chrome for macOS

May 15, 2017

The latest versions of Chrome (from v57 forward I believe) perform extra checking on websites. This may lead you to encounter “Your connection is not private” and “NET::ERR_CERTIFICATE_TRANSPARENCY_REQUIRED” warnings when visiting sites that are known safe.

Example:

What generates the alert is that not all companies (mine included) implement our web certificates the way Chrome now expects. Something to do with Chrome and OpenSSL using different trusted root CA’s which makes the trust chain slightly different. To be fair, Chrome now checks this to prevent spoofing and MIM attacks, but it results in false errors and causes Chrome to stop offering to store passwords. Annoying.

Googling how to stop these errors yields many red herrings but few actual results. For example, Chrome v53 did this to many users but v54 fixed it, and you’ll trip over this while searching, as well as Android and Linux posts that don’t help. This post is my attempt to document the actual solution for others who are searching for it.

To whitelist a domain in Chrome, ensure the com.google.chrome.plist file in /Library/Preferences contains: